Summary
When NIST PQC libraries stabilize, implement dual-signing (classical + post-quantum) during transition.
Algorithms ready in enum
- ML-DSA-65 (CRYSTALS-Dilithium, FIPS 204)
- ML-DSA-87 (higher security)
- SLH-DSA-128s (SPHINCS+, FIPS 205, hash-based, conservative)
Approach
- Dual-sign: ES256 signature + ML-DSA-65 signature in same attestation
- Verifiers accept either during transition
- Eventually drop classical when PQC is universal
No format changes needed
Algorithm enum already supports these variants. Just implementation + library integration.
Timeline
Monitor: liboqs, ring-pqc, pqcrypto crate maturity. Not urgent until quantum threat is real.
Summary
When NIST PQC libraries stabilize, implement dual-signing (classical + post-quantum) during transition.
Algorithms ready in enum
Approach
No format changes needed
Algorithm enum already supports these variants. Just implementation + library integration.
Timeline
Monitor: liboqs, ring-pqc, pqcrypto crate maturity. Not urgent until quantum threat is real.